package com.we.scrm.common.shiro;

import java.util.LinkedHashMap;
import java.util.Map;

import org.apache.shiro.mgt.SecurityManager;
import org.apache.shiro.spring.web.ShiroFilterFactoryBean;
import org.apache.shiro.web.mgt.DefaultWebSecurityManager;
import org.apache.shiro.web.session.mgt.DefaultWebSessionManager;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;



@Configuration
public class ShiroConfiguration {

    Logger logger = LoggerFactory.getLogger(ShiroConfiguration.class);

    @Bean("shiroFilter")
    public ShiroFilterFactoryBean shiroFilterFactoryBean(SecurityManager securityManager) {
        ShiroFilterFactoryBean sffb = new ShiroFilterFactoryBean();
        sffb.setSecurityManager(securityManager);
        sffb.setLoginUrl("/login"); //这里就是我们在AuthUserController.java里设置的 get请求  @GetMapping("/login")

        Map<String,String> filterChainDefinitionMap = new LinkedHashMap<String,String>();
        filterChainDefinitionMap.put("/login", "anon");//我们的登录接口
        filterChainDefinitionMap.put("/res/**", "anon");//res目录下的资源文件
        filterChainDefinitionMap.put("/api/**", "anon");//小程序的api接口
        filterChainDefinitionMap.put("/error/**", "anon");//，一些错误码的处理
        filterChainDefinitionMap.put("/idcode", "anon");//验证码接口
        filterChainDefinitionMap.put("/file/attachment/**", "anon");//图片处理相关接口

        filterChainDefinitionMap.put("/**", "authc");//除了上述接口，其他都走登录验证
        sffb.setFilterChainDefinitionMap(filterChainDefinitionMap);

        return sffb;
    }

    @Bean
    public SecurityManager securityManager() {
        DefaultWebSecurityManager swsm = new DefaultWebSecurityManager();
        swsm.setRealm(authRealm());
        swsm.setSessionManager(sessionManager());
        return swsm;
    }

    @Bean
    public AuthRealm authRealm() {
        return new AuthRealm();
    }

    //去掉jsessionid小尾巴
    @Bean
    public DefaultWebSessionManager sessionManager() {
        //SessionIdUrlRewritingEnabled的默认值是false
        return new DefaultWebSessionManager();
    }

}

